Exetools - Obsidium Olly Scripts

Exetools (https://forum.exetools.com/index.php)

- Community Tools (https://forum.exetools.com/forumdisplay.php?f=47)

- - Obsidium Olly Scripts (https://forum.exetools.com/showthread.php?t=19193)

CodeCracker

04-08-2019 20:53

Obsidium Olly Scripts

1 Attachment(s)

Obsidium Olly Scripts:
First load victim on Olly and execute the ObsidiumOEP.txt script; this will lead to near OEP;
Stolen bytes analyses are inside Obsidium Unpacking (Stolen Code).txt tutorial;
after you get the stolen bytes which have to placed before near entry point.
Finally load ObsidiumIAT.txt script to resolve import table.

CodeCracker

04-09-2019 18:20

fixed version of IAT fixer

1 Attachment(s)

Attached a fixed version of IAT fixer (now also backup/restore ESP register).

CodeCracker

05-11-2025 19:37

New script v3

2 Attachment(s)

Attached new script for Obsidium, fixed ObsidiumIAT for dlls files;
Finding OEP for dll files is different: I've break hardware on execute to Rva 1000 - that address was called from OEP; I've returned from that until I found the real OEP.
Obsidium CodeDecrypt.txt - Olly script for decrypting code section.

CodeCracker

06-02-2025 18:54

ObsidiumIAT_v4.txt Olly script

1 Attachment(s)

ObsidiumIAT_v4.txt Olly script.
Hopefully all bugs was fixed.

All times are GMT +8. The time now is 17:11.